Using a tool like tineye  to find instances of your images used online is great fun, but what to do if you find an image misused?
(requisite back covering: this post outlines my approach to dealing with misused images, it does not constitute legal advice, always seek guidance from an image licensing or legal professional).
Exclusive Stock Image
Contact the agency selling it and put them to work. They have experience in dealing with this type of thing, and in some cases might be able to take legal action on your behalf. Letters from their lawyers are much more threatening than an email from you.
Non Exclusive Image
If the image is one from your personal collection and not for sale or is for sale at multiple agencies then unless the image is still watermarked with an agency logo there is no way to prove where it was taken from. It's up to you to take action.
Different Actions for Different Scenarios
A polite email would be my first course of action if the images were being redistributed on an independent site. Most websites have a contact address or contact form. There is however a moral dilemma, while it's fine that your images might get removed, what about the other photographers whose work our would-be villain might have stolen? If the photo has been uploaded to a photo-sharing site then there is usually a way to contact the user but if you have suspicions that the same user might have taken from multiple photographers then report it to the site administrators. Certainly if the person stands to gain through image sales (e.g. it's a stock photo agency) then report the theft to the agency direct. All large reputable sites that support uploading images also have some way to report or flag an image. In some cases you receive an automated email telling you to submit a "digital millennium copyright act (DMCA) takedown notice", others may act without it or take details for a form on their site.
Sometimes missuses are clear cut: someone has uploaded one of your photos to a stock library or photo sharing site and is misleading others into thinking they took the photo, whether this gains them money or not it's clear that it's a misuse of your work. Sometimes things are a little less obvious, especially where royalty free stock photos are concerned that have been licensed many times before to unknown parties.
Only if you are 100% absolutely sure that the image was not legally licensed by someone can you say that an image found somewhere has been stolen unless it is used outside of any normal or extended stock photo terms (promoting hate, attributing political opinion etc.). It's hard with RF  to actually know for sure especially if you have your images at multiple agencies. It would be more than just embarrassing to make a false accusation, under the DMCA ISP's are obliged to take down infringing work, if that means that they take down someones web page / site and it turns out that they licensed the images somewhere (but you forgot) then YOU can end up liable for any lost earnings or expenses they incurred.
Filing a DMCA takedown notice
The digital millennium copyright act defined requirements for a "take down" notice and the procedure to follow in dealing with it. While DMCA is an American Law, the EU and WIPO have similar directives in part. In much the same way that most countries follow the American CAN-SPAM rules (or have almost identical laws in place) to deal with unsolicited email, ISPs and hosts in many other countries tend to follow DMCA or a very similar process in dealing with infringements.
A DMCA takedown notice is a legal statement that you are making a truthful claim that you took the images and the other use has no right to use them. There is a broader overview of DMCA on wikipedia .
What's in a takedown notice:
- Reasonably sufficient details to enable the host to identify the work claimed to be infringed or, if multiple works are claimed to be infringed, a representative list of such works (for example: title, author, any registration or tracking number or URL of the image/page on your website);
- Reasonably sufficient detail to enable the host to identify and locate the material that is claimed to be infringing (for example a link to the page that contains the material on the infringing website);
- Your contact information (for example, your address, telephone number, email address);
- A statement that you have a good faith belief that the use of the material identified in (2) is not authorized by the copyright owner, its agent, or the law;
- A statement, under penalty of perjury, that the information in the notification is accurate and that you are authorized to act on behalf of the owner of the exclusive right that is alleged to be infringed.
- Your physical or electronic signature.
(source creativecommons.org )
You then send the notice to the company hosting the website (or the site managers via contact details that they provide explicitly on their as the destination for DMCA notices). You can find the hosting company's contact details if none are immediately obvious by performing a whois search, IP lookup or a national business register search if that fails. The notice must be in writing, but can be sent electronically by fax or email. To reiterate what I wrote above: I personally think it's wise to first send a polite email via a contact form on the website outlining the situation before going in with a formal takedown notice to the host.
What else can I do?
Another alternative approach might be to start a witch-hunt (I mean that in a nice way...) on the microstockgroup image sleuth forum , lots of pairs of eyes (and I admit a somewhat schadenfreude satisfaction) eager to see image thieves get their comeuppance. Such a post might also alert you to a common trap "partner microstock sites / apis ". Many agencies (with your permission) resell your images quite legally on 3rd party sites earning you additional sales revenue; so it's not unusual to find one of your images up for sale at another agency (although it should never be associated with name of someone else).
The final tough in this puzzle is "is it worth my time". Some would say "ALWAYS!", perhaps I'm too pragmatic in suggesting that certain minor infringements are not too serious, and if a quick email does nothing then leave it (?) . I wrote a little more on that thought in preventing image theft .