Access to your IG and FB would have happened on your account operated by their servers, not on your device. Securing your account with those services will have to be done by them, of course you can delete the apps off of your device.
If you receive an email stating that someone logged into your account, view the devices logged in by going to Settings > [name on top], and scroll to the bottom to view the devices that are logged in. If you see a device you do not recognize, you can remove it and you should also change your password. Without any other devices listed there, it does indicate a phishing email. To prevent phishing, just never trust a link sent to you either by email/message and there is no reason to respond to these and provide any information. If you do receive a message/email from a company that requires action, always goes to their official site using Safari and do not assume that a link from an email will take you there.
Everything detailed here only indicates that you may have had your accounts compromised simply by someone who was able to get your passwords to those services. They did not get them from hacking your iPhone and changing those passwords will secure your accounts. You should also use two factor authentication where available to make sure another device cannot log into your accounts even if they know your password.
You can perform a Factory Reset, but that will have no effect on an account that has been compromised. To further verify that you are not sharing information to anyone else and to review the devices using your account, you can run Safety Check.
How Safety Check on iPhone works to keep you safe - Apple Support