During the threatening calls, the ransomware gang is hiding their location, so they can’t be tracked. The hackers are known to use spoofed US-based telephone numbers. They may be claiming to be calling from North Korea. Initially, their threats include leaking or selling stolen data if the victim refuses to pay the ransom demand.
In additional calls to the same victim, the cybercriminals have threatened that they will come to the home of an employee or a relative. The hackers are making the attack personal when they say they know where you live and know how to find your family. Some of the victim’s family members have been called and threatened by the hackers.
Despite the threats and intimidation, most ransomware attackers will not go directly to a person’s house to follow-up on these threats. They are probably going to publish some of the files and data that were stolen from your network. But they will not gain from physically interacting. Usually, these cybercrimes are committed by bad actors in other parts of the world.