I contacted my hosting company over a similar thing, asking if it were actually a phishing attack. They confirmed that no, it wasn't and yes, the domain name ICANN was using was legitimate even though it sounded like a scam. I was unimpressed.
I'll be holding on to my AV for a while longer. Did Google say who should be in charge of whitelisting? Was it them, by any chance?