How do I spot and document a GPL violation?

Question

How to spot that someone copied open source code licensed with GPL to their closed source commercial application, when you don't have access to their closed source code?

Edit: Great answers! Part 2. What if it is a webapp where you don't even have access to the executables?

Scenario: They copy the source, make some minor changes to the gui so the front end is nearly identical; add a new feature to the otherwise totally identical back-end; and fail to release it back to open source.