In this presentation, one vulnerability in CSFB (Circuit Switched Fallback) in 4G LTE network is introduced. In the CSFB procedure, we found the authentication step is missing. The result is that an attacker can hijack the victim's communication. We named this attack as 'Ghost Telephonist.' Several exploitations can be made based on this vulnerability. When the call or SMS is not encrypted, or weakly encrypted, the attacker can get the content of the victim's call and SMS. The attacker can also initiate a call/SMS by impersonating the victim. Furthermore, Telephonist Attack can obtain the victim's phone number and then use the phone number to make advanced attack, e.g. breaking Internet online accounts. The victim will not sense being attacked since no 4G or 2G fake base station is used and no cell re-selection. These attacks can randomly choose victims or target a given victim. We verified these attacks with our own phones in operators' network in a small controllable scale. The experiments proved the vulnerability really exists. Finally, the countermeasures are proposed and now we are collaborating with operators and terminal manufactures to fix this vulnerability.