What appears to be happening here is a phisher created a Google Form and then made a bogus submission where they entered someone else’s email address. The result: that other person is emailed a genuine Google Forms submission receipt but the content of that email is actually phish.
Phishers often abuse legitimate services like Google Docs or Forms to send and/or host phishy content. If you receive an email notification from a service like that, think about whether it’s related to an action you remember doing or if it’s something you were expecting from someone you know. If not, it’s probably phish, so don’t click on any links.
