Gmail has a nifty security tool in its lab section called “Authentication icon for verified senders.” Currently, some of the most common, high-profile vendors use it, such a PayPal, Google, Facebook, Twitter, eBay, and others. If you get an email from one of these domains, it will have a “key” icon attached to it and look like this:
Why is this helpful? It allows you to visually tell that the email came from a trusted sender. If you have this lab enabled and receive an email from Facebook and there is not “key” icon, it probably means it is a fake, so treat it with suspicion. Do not click on any links in the message until verified.
You can verify which companies are doing this by using the DMARC Inspector Tool. The domain record will show a “p=reject” record.
Here is what Facebook’s looks like:
v=DMARC1; p=reject; pct=100; rua=mailto:firstname.lastname@example.org,mailto:email@example.com; ruf=mailto:firstname.lastname@example.org;
Apple is not set up to work as we can tell by their record: