Basically the same way you tell if any email you receive is genuine and not a phishing attempt.
Also, consider using your registrar's WHOIS privacy service, if they provide one: your registrar only has to ensure the details you provided are genuine, and those can be masked in WHOIS.
I get plenty of emails in my whois-listed mailbox that purport to be from my registrar. Guess how many are genuine.