In-app browsers – implemented in native Android and iOS code using a component called a WebView – allow native app users to interact with websites without leaving their apps and opening free-standing browser applications. For this purpose, iOS offers WKWebView, part of the WebKit framework, and the more recent (and more privacy protecting) SFSafariViewController, part of the SafariServices framework.
Read more on The Register
How to protect yourself as a user?
Escape the in-app-webview
Most in-app browsers have a way to open the currently rendered website in Safari. As soon as you land on that screen, just use that option to escape it. If that button isn’t available, you will have to copy & paste the URL to open the link in the browser of your choice.
Use the web version
Most social networks, including Instagram and Facebook, offer a decent mobile-web version, offering a similar feature set. You can use
https://instagram.com without issues in iOS Safari.