Identifying legitimate emails from the iTunes Store - http://support.apple.com/HT201679 - lacking in specifics, the next link is better:
Avoid phishing emails, fake 'virus' alerts, phony support calls, and other scams - https://support.apple.com/HT204759
Forward attempts as an attachment to: firstname.lastname@example.org
- Apple e-mails address you by your real name, not something like "Dear Customer" or "Dear Client".
- Apple e-mails originate from @apple.com or @itunes.com but I think it is possible to spoof a sender address
- Mouse over links to see if they direct to real Apple web sites.
- Phishing emails often threaten you to scare you into doing something without thinking.