The list displays security-related emails that instagram has sent within the past two weeks. A secondary tab lists emails that aren't security-related, such as announcements about new features or direct message notifications. If you received an email from Instagram with a subject prompting you to change your password, for example, you could open up the app, check to see if that email is listed in the security tab, and then either delete it or read it depending on if it's a genuine message.
It's encouraging to see social media companies embracing increased levels of security. However, most problems come from data breaches and bugs rather than phishing scams. Earlier this year, third parties exposed the data of 540 million Facebook users. Last year, Twitter urged all of its users to change their passwords after every login credential was accidentally converted from a hashed code into easily readable plain text. At least with measures against phishing like this Instagram feature, more users can take their accounts' security into their own hands.